Analysis

Gartner has recommended that enterprises block AI browsers until associated risks can be adequately managed in its report "Cybersecurity Must Block AI Browsers for Now," highlighting that default AI browser settings "prioritize user experience over security." The report lists concrete failure modes including indirect prompt injection via rogue agents, erroneous agent actions from "inaccurate reasoning," credential theft through phishing redirects, employees bypassing cybersecurity training, incorrect corporate purchases (e.g., booking wrong flights) and loss of sensitive corporate data to cloud AI services. Independent research cited in the article — a October SquareX study and a subsequent Cato Networks disclosure — corroborates these vulnerabilities, identifying prompt injection, malicious workflows and a "HashJack" URL-based exploit that can weaponize legitimate sites to induce misinformation, phishing links and data exfiltration. Those findings indicate attackers can exploit agentic behaviors and default configurations without breaching backend infrastructure, raising the bar for enterprise controls. Gartner and practitioners conclude that eliminating these risks is unlikely and that low-risk-tolerance organizations may need long-term blocks, while advising measured adoption via service-level risk assessments and playbooks to govern AI agents. For investors this creates near-term policy and adoption headwinds for AI-browser vendors, a likely acceleration in enterprise spend on cybersecurity and governance tooling, and elevated execution risk for companies pushing rapid AI-browser rollouts absent robust controls.